<?php
/*
//////////////////////////////////////////////////////
// GPAC Database is Copyright 2002 Colin Todd       //
// Written by Colin Todd - All rights reserved.     //
//                                                  //
// colintodd@myfastmail.com                         //
//////////////////////////////////////////////////////

// database connect script.
$root = './';
include_once('_includes/master_include.php');

$myError = "";

if($PACTS_cfg->logged_in == 1) {
    //echo('You are already logged in, '.$_SESSION['username'].'.');
    mysql_close($PACTS_cfg->dblink);
    //echo "about to rediect<p>";
    //echo "".SID;

    header( "Location: Home.php?".SID );
    exit;

    // redirect to main page
}

// set if not submit
$bErrorWithLogin = TRUE;


///////////////////////////////////////////////////////////////////////////////////////////////////////

while (isset($_POST['submit'])) { // if form has been submitted
    $bErrorWithLogin = FALSE;

    if(!$_POST['uname'] | !$_POST['passwd']) {
        $myError = ('You did not fill in a required field!</td></tr><tr><td>');
        $bErrorWithLogin = TRUE;
        break;
    }

    // authenticate.

    if (!get_magic_quotes_gpc()) {
        $_POST['uname'] = addslashes($_POST['uname']);
    }

    $check = mysql_query("SELECT username, pw FROM Users WHERE username = '".$_POST['uname']."'",$PACTS_cfg->dblink);



    //echo "SELECT username, password FROM users WHERE username = '".$_POST['uname']."'"."<p>";
    if (mysql_error()) {
        $myError =('That username does not exist in our database!</td></tr><tr><td>');
        $bErrorWithLogin = TRUE;
        break;

    }

    //$info = $check->fetchRow();
    $info = mysql_fetch_array($check, MYSQL_ASSOC);
    // check passwords match

    $_POST['passwd'] = stripslashes($_POST['passwd']);
    $info['pw'] = stripslashes($info['pw']);
    $_POST['passwd'] = md5($_POST['passwd']);


    if ($_POST['passwd'] != $info['pw']) {
        $myError =('Incorrect password, please try again!</td></tr><tr><td>');
        $bErrorWithLogin = TRUE;
        break;

    }

    // if we get here username and password are correct,
    //register session variables and set last login time.

    $date = date('m d, Y');

    $update_login = mysql_query("UPDATE Users SET last_login = '$date' WHERE username = '".$_POST['uname']."'");

    $_POST['uname'] = stripslashes($_POST['uname']);
    $_SESSION['username'] = $_POST['uname'];
    $_SESSION['password'] = $_POST['passwd'];
    mysql_close($dblink);

    header( "Location: Home.php?".SID );
    exit;

} 

if($bErrorWithLogin) {

    $start = $PACTS_cfg->utime();

    ?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
    <link rel="stylesheet" type="text/css" href="include/style.css">
    <?php
    echo "<title>LogIn to $PACTS_cfg->SoftwareShortName : $PACTS_cfg->SoftwareLongName v$PACTS_cfg->SoftwareVersion</title>\n";
    ?>
</head>
<body bgcolor="#FFFFFF" text="#000000" leftmargin="2" topmargin="2" marginwidth="2" marginheight="2" onload="document.Login.uname.focus()">
<?php
$PACTS_cfg->html_header();

$PACTS_cfg->start_page();
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr> 
<td colspan="2" align="right"><a title="<?php echo"$PACTS_cfg->SoftwareShortName : $PACTS_cfg->SoftwareLongName v$PACTS_cfg->SoftwareVersion\"><img src=\"$PACTS_cfg->SoftwareLogo\" align=\"left\" border=\"0\" width=\"300\" >"; ?></a></td>
<td style="text-align:right;">
    
    <font class="smalltxt" ><?php echo"<a title=\"Todays date\">$PACTS_cfg->date</a>"; ?>&nbsp;</font>
</td></tr>
<tr><td>XXXX<font class="smalltxt" color=#FF0000>
        <?php echo $myError;

    }

    if( (!isset($_POST['submit'])) or $bErrorWithLogin){	// if form hasn't been submitted

        ?>
        </font>
        <form name="Login" action="<?php echo $_SERVER['PHP_SELF']?>" method="post" autocomplete="off" autofill="off" >
            <table align="center" border="0" cellspacing="0" cellpadding="3">
                <tr><td colspan="2"><font size=+2><b>Login</b></font></td><td>
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxssssssssssssssssssss
                <tr><td><font class="smalltxt">Username:</font></td><td>
                        <input type="text" name="uname" maxlength="40">
                </td></tr>
                <tr><td><font class="smalltxt">Password:</font></td><td>
                        <input type="password" name="passwd" maxlength="50">
                </td></tr>
                <tr><td colspan="2" align="right">
                        <input type="submit" name="submit" value="Login" class="smalltxtInput">
                </td></tr>
            </table>
        </form>
        <?php
    }
    ///////////////////////////////////////////////////////////////////////////////////////////////////////

    // LEFT OVERS
    ?>


</td></tr>
<tr><td><br /><br />
</td></tr>
</table>
<?php
$PACTS_cfg->end_page();

include($root . 'include/footer.php');
exit;

?>


<center>Copyright &copy; 2002 <a rel="external" href="http://www.theres-more-to-life.com">Glenmore Park Anglican Church</a></center>

</body>
</html>
<?php */ ?>